security update in Fedora 23 for qemu

Status: stable 3 years ago
  • CVE-2015-8619: Fix sendkey out of bounds (bz #1292757)
  • CVE-2016-1981: infinite loop in e1000 (bz #1299995)
  • Fix Out-of-bounds read in usb-ehci (bz #1300234, bz #1299455)
  • CVE-2016-2197: ahci: null pointer dereference (bz #1302952)
  • Fix gdbstub for VSX registers for ppc64 (bz #1304377)
  • Fix qemu-img vmdk images to work with VMware (bz #1299185)

Comments 8

This update has been submitted for testing by crobinso.

This update has been pushed to testing.

Works for me.

karma: +1

works for me with fedora and centos guests

karma: +1

This update has been submitted for stable by bodhi.

no regressions noted

karma: +1

Works for me.

karma: +1

This update has been pushed to stable.

Add Comment & Feedback

Please login to add feedback.

Content Type
Test Gating
Submitted by
Update Type
Update Severity
stable threshold: 3
unstable threshold: -3
Autopush (karma)
Autopush (time)
submitted 3 years ago
in testing 3 years ago
in stable 3 years ago

Related Bugs 9

00 #1283926 CVE-2015-8619 Qemu: hmp: stack based OOB write in hmp_sendkey routine
00 #1292757 CVE-2015-8619 qemu: Stack-based buffer overflow in hmp_sendkey() [fedora-all]
00 #1298570 CVE-2016-1981 Qemu: net: e1000 infinite loop in start_xmit and e1000_receive_iov routines
00 #1299455 Qemu: usb ehci out-of-bounds read in ehci_process_itd
00 #1299995 CVE-2016-1981 qemu: qemu-kvm: Infinite loop and out-of-bounds transfer start in start_xmit() and e1000_receive_iov() [fedora-all]
00 #1300234 qemu: Out-of-bounds read in usb-echi [fedora-all]
00 #1302057 CVE-2016-2197 Qemu: ide: ahci null pointer dereference when using FIS CLB engines
00 #1302952 CVE-2016-2197 qemu: Null pointer dereference in ahci [fedora-all]
00 #1304377 Fedora - QEMU gdbserver cannot access VSX registers

Automated Test Results